Saturday, August 11, 2012

Kaspersky Lab, a Moscow-based computer security firm has found a new cyber surveillance virus that has been spying on banking transactions, stealing login information for social networks, email and instant messaging in the Middle East – specifically targeting Lebanon’s BlomBank, ByblosBank and Credit Libanais. And infected computers also include CitiGroup Inc.’s Citibank and eBay’s PayPal online payment system.

This virus’ focus on online banking makes it a potential threat to banking systems worldwide. Researchers are still trying to determine if this virus is simply conducting surveillance on banking transactions, or if it is being used to steal money out of targeted accounts.

Being called Gauss by the Kaspersky Lab, who confirmed that the new virus is related to Stuxnet, Flame and Duqu, yet a more sophisticated, state-sponsored cyber-espionage tool.

Gauss is capable of being used as a weapon to attack industrial control systems, just like Stuxnet which was used to go after Iran’s Natanz nuclear power plant facility in 2010. Gauss can encrypt programs that are compressed onto a USB drive, then decompress them once the virus is able to contact to a targeted computer.

Kapersky Lab stated:

After looking at Stuxnet, Duqu and Flame, we can say with a high degree of certainty that Gauss comes from the same ‘factory’ or ‘factories.’ All these attack toolkits represent the high end of nation-state-sponsored cyber-espionage and cyber war operations.

According to Jeffrey Carr, cyber warfare expert for the security firm Taia Global, the US government has been monitoring Lebanese Banks for activity traceable to militant groups and drug cartels. Carr said:

You’ve got this successful platform. Why not apply it to this investigation into Lebanese banks and whether or not they are involved in money laundering for Hezbollah?

US intelligence is touting that “Beirut is a hot spot for the clandestine movement of money by states” in reference to money laundering.

Iran has stated that Flame and Stuxnet specifically targeted their oil refineries with the intent to disrupt oil production. Gauss could be used for this purpose; however, it is designed to infiltrate banking systems' online infrastructure with complex algorithms and encrypted code bases.

Kapersky Lab is still analyzing Gauss and its capabilities. They confirmed that the creator of the virus went to a great deal of trouble to disguise its purpose by using sophisticated encryption codes that may take months to decipher.

The Budapest University of Technology and Economics’s Laboratory of Cryptography and System Security have devised a free test that determines whether or not the tell-tale Palida Narrow font is downloaded to any computer.

In tandem, the Federal Bureau of Investigations (FBI) is claiming that another malware scheme is directing Web users to a compromised version of the FBI website. When on this fake FBI website, the malware known as Reventon will extract data and coerce users to pay an online fine.

The UN’s International Telecommunications Union (ITU) has issued a warning to world leaders to protect their infrastructure because of the threat of Gauss. Marco Obiso, cyber security coordinator for ITU said: “We don’t know what exactly it does. We can have some ideas. We are going to emphasize this.”

The Department of Homeland Security (DHS) is analyzing Gauss’ potential threat to the US. Peter Boogaard, DHS spokesperson commented: “The department’s cyber security analysts are working with organizations that could potentially be affected to detect, mitigate and prevent such threats.”

The Cybersecurity Act of 2012 was introduced and voted down by the Senate in July with false claims perpetuated by President Obama that “. . . foreign governments, criminal syndicates and lone individuals are probing our financial, energy and public safety systems every day. It would be the height of irresponsibility to leave a digital backdoor wide open to our cyber adversaries”

Shawn Henry, a veteran of the cyber security division in the FBI, has stated that a cyber-attack is “very, very likely” to occur soon.

The Obama administration, in response to the Congress rejecting the CSA, is considering an executive order “to protect the nation’s critical computer infrastructure”, according to John Brennan, Homeland Security advisor.

One of the things that we need to do in the executive branch is to see what we can do to maybe put additional guidelines and policies in place under executive branch authority. I mean if the Congress is not going to act … then the president wants to make sure that we are doing everything possible.

Brennan said that an executive order would be a “good vehicle” to ensure government agencies are empowered to take action “to make sure the nation is protected.”

Stewart Baker, former senior official for the DHS and cyber security expert at the law firm Stepoe and Johnson remarked:

The president can say we can’t wait, and I’m going to do what Congress can’t and protect the American people from cyber-attacks (and) in an election year, that sounds like a pretty promising approach.

Obama has repeatedly circumvented Congress with his use of executive orders. This instance would be another where he would be abusing his executive powers.

Because of the global fiat currency implosion that began in 2008, the banking cartels have been propping up the American financial system to stave off a complete monetary collapse in the United States. However, it has always been their intention to bring down the monetary system in America.

Ironically, Gauss may be the mode in which they are able to carry this out.

During the MF Global scandal, Jon Corzine ordered segregated customer funds to be secretly redirected into accounts in JPMorgan. During this beta-test, the banking cartels got away with stealing $200 million of customer money without suffering repercussions.

Recently, we have seen other types of theft out of customer accounts held in major banks like Bank of America (BoA) wherein they drilled into a customer’s safety deposit box, confiscated family heirlooms and transferred them out of the bank. The customer’s property was sent to North Carolina before the theft was detected. When the customer attempted to retrieve their property, BoA claimed they did not have a social security number on file which was why they emptied out the safety deposit box. However, when opening a safety deposit box, the customer’s social security number is provided on the initial documentation.

The lie BoA perpetrated on the customer was simply to distract from the fact that they overtly stole from their customer’s private account. And this small-time thievery may be a symptom of a larger banking scheme looming in the distance.

Gauss, which is an online banking surveillance virus, has the capability of electronically transferring information out of customer accounts to be redirected to another location. The banking industry would be devastated if suddenly they were infiltrated by Gauss, which would cause every banking customer to become insolvent overnight.

This sets the stage for the banking holiday that we’ve all been warned about. For example, the mainstream media would be used to announce that Gauss has infected all domestic banking computer systems. In order to purge the virus, all banks would need to shut down for a specified amount of time in order to reconfigure their computers. Perhaps on a Friday afternoon, the major banks will all announce that they will shut down to customer activity so they can “get rid of” Gauss from their system. The banks might say that they will reopen to the public on Monday morning.

Customers would not be able to conduct any financial transactions, either in the bank or online over that weekend. And with the promise that everything will be OK on Monday, there is no threat of a banking holiday because the cover story is that a virus must be purged before regular banking can continue.

However, this would be a false flag meant to pacify the public to avert mass panic. While the general public would fall for the cover story, the banking cartels would simply electronically transfer all customer funds from private checking accounts out to off-shore banks where they could not be touched and cover their tracks.

Then on Monday morning, while the reports that the banking industry suffered greater infiltration than expected, the DHS and US armed forces would be poised to enact martial law to control the potential for domestic insurrection caused by the realization that every American has had their money stolen from them by the banking cartels in one fell swoop.

Susanne Posel is the Chief Editor of Occupy Corporatism. Our alternative news site is dedicated to reporting the news as it actually happens; not as it is spun by the corporately funded mainstream media. You can find us on our Facebook page.

Any bank that claim they have a Gauss infection, is a bank who's transaction server must be using MICROSOFT WINDOWS and facing the web without a firewall, or hardening or any protection at all.

or

They have an employee who physically brought it in on a USB stick.

There is no other way for them to claim they are infected, what every the say will be a LIE unless it matches with one of these TWO methods. Bottom line, if a bank has this, it's a bank who's security planning is ZERO. I'll let you do the math on their integrity.

A bank should NEVER HAVE THIS VIRUS.

ANY BANK THAT CLAIMS THEY HAVE THIS VIRUS OUGHT TO BE FLOODED WITH LAW ENFORCEMENT ARRESTING EVERY EMPLOYEE AT THAT BANK, FOR DOMESTIC TERRORISM!!!

IN MY OPINION...It's getting in for some, because USERS don't filter FRAME, IFRAME and XFRAME Do you filter them? No? There it is... YOUR problem, and it ain't just Gauss hitting it. I suggest trying the worm virut.ce through an iframe and get back to me to let me know how much fun you've had after you've reformatted back to bare metal.

Once you get them (frames) filtered out, you are going to find websites that you must make exceptions for. I suggest you make very FEW exceptions, instead harp on the programmers to remove these stupid frames from their programming code and get with the 21st century, so they can remain filtered out as the OLD sloppy hack crap they are.

Also...Users' in addition to NEVER READING LOGS, they don't manage their operating system's processes with tools like "Process Hacker."

With the advent of win 7 now there are so many processes running compared to XP's roughly 20 or so (mine is down to 12 processes on XP) it is more difficult to watch, yet not impossible. Do you watch? Never? Ack, your bad...

PASSWORD IDIOCY..Another problem, users still aren't managing their passwords in a password manager like KEEPASS or KEEPASSX. If you are storing passwords in a browser, it doesn't surprise me all of your accounts are cracked. Get your passwords off your system, it will take a MONTH to put them all into a password manager and get them OFF your physical drive, that way since when you browse with No firewall and get infected, there's NOTHING TO STEAL ON YOUR BOX.What a concept I say.

Kaspersky is a smart man, he wants to profit from his work, his work is fine work, even today I still *respect his actual work*, but lately these past few years, he's making things political, and his way is just not the way to go. He ultimately would have us all required to use some form of internet drivers licenses. You can bet however it would be implemented would be a middle finger to anonymity (unless you can steal someone else's) until the end of time.

This concept is a utopia for fascist globalist militaristic domination.

IMO about that internet drivers license - He needs to shut the **** up, slam another v0dsky and get back to reversing binaries, selling his wonderful products. I love the man's skill, yet I hate the man's politics which fit right in with the Problem, Reaction, Solution game which is stripping our GOD GIVEN rights away.

This nation fell long ago. The people just haven't caught on yet. The banks own the entire place. From the land, to the Congress, to the Supreme Court, and The White House. All laws, executive orders and bills are written by bankers and handed to their minions on Congress for rubber stamping. The people are just still fact asleep and probably won't ever wake up.

When I first got this computer, I had a problem renewing the security that I had had for the old one, so I went to Kaspersky. My transaction still wouldn't go through after several tries, so I went and got Norton instead; it went through the first time. I sent Kaspersky a nastygram about it; they got back to me in a couple of hours, and I had to tell them "sorry about that---." I think the problem in the first place was that my billing address is a P.O. box. All the creepy authoritarians hate that, and demand street addresses; I won't do business with organizations like that. So it wouldn't surprise me if Kaspersky was in bed with the conspiracy, not at all.

I believe you and Alex Jones are on the same stroy from different angels. Please see http://www.infowars.com/u-s-banks-told-to-prepare-for-total-collapse . I think Guass is the way that they want to bring in Martail Law.

The operating systems to proof of crackers, hackers and malware do not exist.

Therefore, no intelligent user of GNU / Linux or Mac OS can feel safe - for being part of a minority (5%) - of the misfortunes that have the vast majority (95%) of users because of their PCs with Winbugs installed.

If you have Ubuntu installed - which implies that you know the least of GNU / Linux distros - has the obligation to know and take the same security precautions who take everyone when are surfing and interact with the web.

9/11 Questions

Activist Post is an Independent News blog for Activists challenging the abuses of the establishment.

FAIR USE NOTICE. Many of the stories on this site contain copyrighted material whose use has not been specifically authorized by the copyright owner. We are making this material available in an effort to advance the understanding of environmental issues, human rights, economic and political democracy, and issues of social justice. We believe this constitutes a 'fair use' of the copyrighted material as provided for in Section 107 of the US Copyright Law which contains a list of the various purposes for which the reproduction of a particular work may be considered fair, such as criticism, comment, news reporting, teaching, scholarship, and research. If you wish to use such copyrighted material for purposes of your own that go beyond 'fair use'...you must obtain permission from the copyright owner.

Paid advertising on Activist Post may not represent the views and opinions of this website and its contributors. No endorsement of products and services advertised is either expressed or implied.

All opinions expressed by contributors to this site are theirs and theirs alone.